Tanium: Build Get-Processes Request activity

This workflow activity takes the IPV4 address of a CI added to a security incident and builds a request to the Tanium server for all the running processes for that CI. The output is the details necessary for executing the request, with the payload encrypted.

Input variables

Input variables determine the initial behavior of the activity.

Table 1. Input variables
Variable Description
ci_ip_address [string] The IPV4 address of the CI that was added to a security incident. This input field is mandatory.

Output variables

The output variables contain data that can be used in subsequent activities.

Table 2. Output variables
Variable Description
endpoint [string] The encrypted endpoint from the database.
request_body [Encrypted] The SOAP request body.
http_timeout [Integer] The HTTP timeout value, in seconds.
use_mid [Boolean] A boolean flag indicating whether to use the MID Server.